From owner-freebsd-security  Tue Mar 12 14:36:31 2002
Delivered-To: freebsd-security@freebsd.org
Received: from clink.schulte.org (clink.schulte.org [209.134.156.193])
	by hub.freebsd.org (Postfix) with ESMTP id C93FE37B400
	for <freebsd-security@FreeBSD.ORG>; Tue, 12 Mar 2002 14:36:10 -0800 (PST)
Received: from schulte-laptop.nospam.schulte.org (nb-65.netbriefings.com [209.134.134.65])
	by clink.schulte.org (Postfix) with ESMTP
	id 3C8D324467; Tue, 12 Mar 2002 16:36:05 -0600 (CST)
Message-Id: <5.1.0.14.0.20020312161930.057a9240@pop3s.schulte.org>
X-Sender: 
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Tue, 12 Mar 2002 16:34:50 -0600
To: batz <batsy@vapour.net>,
	Christopher Schulte <schulte+freebsd@nospam.schulte.org>
From: Christopher Schulte <schulte+freebsd@nospam.schulte.org>
Subject: Re: PHP 4.1.2
Cc: lewwid <lewwid@telusplanet.net>, freebsd-security@FreeBSD.ORG,
	Max Mouse <maxmouse@maxmouse.org>
In-Reply-To: <Pine.BSF.4.21.0203121656480.5001-100000@vapour.net>
References: <5.1.0.14.0.20020312155431.04f93ac0@pop3s.schulte.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 05:04 PM 3/12/2002 -0500, batz wrote:
>By what you are saying, I can infer that RELENG_4_X also includes security
>fixes in ports which I can cvsup on a daily basis, and by doing this, fix
>any ports which have been declared vulnerable. I should further be able
>to automaticly upgrade any ports which use the vulnerable one as a
>dependency, by cvsup'ing RELENG_4_X.

The ports live on their own cvs island, there is no RELENG_ANYTHING 
associated with them.  The combined tree is maintained separately from the 
source code of the actual Operating System and bundled applications.

Check out the supfile samples in /usr/share/examples/cvsup/ :

###############################################################################
#
# DANGER!  WARNING!  LOOK OUT!  VORSICHT!
#
# If you add any of the ports collections to this file, be sure to
# specify them like this:
#
#   ports-all tag=.
#
# If you leave out the "tag=." portion, CVSup will delete all of
# the files in your ports tree.  That is because the ports collections
# do not use the same tags as the main part of the FreeBSD source tree.
#
###############################################################################

Just cvsup your ports tree daily, you'll pick up the new ports as the 
maintainers fix/add them.  You can then opt to reinstall ports already in 
use on your system.  If it's a new port install, you'll get the newest and 
greatest automatically.  /usr/ports/sysutils/portupgrade is great for 
keeping track of this kind of thing.

I hope that sheds some light.

Followups might be appropriate to -questions...

>--
>batz

--
Christopher Schulte
http://www.schulte.org/
Do not un-munge my @nospam.schulte.org
email address.  This address is valid.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message